package org.example.servlet;

import org.example.DAO.UserDao;
import org.example.Util.DataSourceUtil;
import org.example.Util.PasswordUtil;
import org.example.impl.UserDaoImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.SQLException;

@WebServlet("/ForgetPasswordServlet")
public class UserResetPasswordServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(UserResetPasswordServlet.class);
    private static final String FIXED_VERIFICATION_CODE = "123456"; // 固定验证码

    private UserDao userDao;

    @Override
    public void init() throws ServletException {
        super.init();
        try {
            this.userDao = new UserDaoImpl(DataSourceUtil.getDataSource());
        } catch (Exception e) {
            throw new ServletException("初始化用户DAO失败", e);
        }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.setCharacterEncoding("UTF-8");
        response.setCharacterEncoding("UTF-8");

        String account = request.getParameter("account");
        String verificationCode = request.getParameter("verificationCode");
        String newPassword = request.getParameter("newPassword");
        String confirmPassword = request.getParameter("confirmNewPassword");

        try {
            // 验证验证码
            if (!FIXED_VERIFICATION_CODE.equals(verificationCode)) {
                request.setAttribute("error", "验证码错误");
                request.getRequestDispatcher("forgetPassword.jsp").forward(request, response);
                return;
            }

            // 验证密码
            if (newPassword == null || newPassword.trim().isEmpty()) {
                request.setAttribute("error", "新密码不能为空");
                request.getRequestDispatcher("Userpassword.jsp").forward(request, response);
                return;
            }

            if (!newPassword.equals(confirmPassword)) {
                request.setAttribute("error", "两次输入的密码不一致");
                request.getRequestDispatcher("Userpassword.jsp").forward(request, response);
                return;
            }

            // 更新密码
            String encryptedPassword = PasswordUtil.encryptPassword(newPassword);
            boolean success = userDao.updatePassword(account, encryptedPassword);

            if (success) {
                request.setAttribute("success", "密码重置成功，请使用新密码登录");
                request.getRequestDispatcher("Userlogin.jsp").forward(request, response);
            } else {
                request.setAttribute("error", "密码重置失败，请稍后再试");
                request.getRequestDispatcher("Userpassword.jsp").forward(request, response);
            }

        } catch (SQLException e) {
            logger.error("密码重置数据库错误: {}", e.getMessage());
            request.setAttribute("error", "系统错误，请稍后再试");
            request.getRequestDispatcher("Userpassword.jsp").forward(request, response);
        }
    }
}